From 339433db20cfc4dd79ec7ef5aef86478fad43197 Mon Sep 17 00:00:00 2001
From: Levi Neuwirth <ln@levineuwirth.org>
Date: Thu, 7 May 2026 15:08:23 -0400
Subject: [PATCH] Quote rsync target variables in Makefile deploy

A VPS_PATH containing whitespace or shell metacharacters would split
on the unquoted expansion and hand rsync extra arguments. The
existing VPS_PATH guard rejects obviously dangerous parents (/srv,
/var, etc.) but does not catch this. Quoting fails closed.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index ed901d3..05f6912 100644
--- a/Makefile
+++ b/Makefile
@@ -144,7 +144,7 @@ deploy: clean build sign
 	# fails (auth, branch protection, network), abort before touching
 	# the VPS so the public source repo and the live site stay in sync.
 	git push -u origin main
-	rsync -avz --delete _site/ $(VPS_USER)@$(VPS_HOST):$(VPS_PATH)/
+	rsync -avz --delete _site/ "$(VPS_USER)@$(VPS_HOST):$(VPS_PATH)/"
 
 watch: export SITE_ENV = dev
 watch: